<?php
	// Start or resume the session before anything is output: the login branch
	// further down stores the authenticated user in $_SESSION['user'].
	session_start();
	include("../Data/User.php");
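	/**
	 * Emit an inline <script> element that navigates the browser to $path.
	 *
	 * The path is written as a JavaScript string literal through json_encode(),
	 * so a quote, backslash, line break or "</script>" inside it stays data
	 * instead of ending the literal or the script element.
	 *
	 * This only encodes the value; it does not check where the path points.
	 * Callers should pass fixed or allow-listed destinations, not values taken
	 * from the request.
	 *
	 * @param string $path Destination URL, relative or absolute.
	 * @return void
	 */
	function changeURL($path)
	{
		// JSON_HEX_* turns <, >, &, ' and " into \uXXXX escapes, and
		// JSON_UNESCAPED_SLASHES keeps "/" untouched, so an ordinary path such as
		// "../index.php" is emitted exactly as it was before.
		$literal = json_encode(
			(string) $path,
			JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_UNESCAPED_SLASHES
		);
		if ($literal === false)
		{
			// Not encodable (for example invalid UTF-8): emit no redirect rather
			// than a half-built script.
			return;
		}

		echo '<script type = "text/javascript">';
		echo 'location = ' . $literal . ';';
		echo '</script>';
	}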
	
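	// Login handler. Every path ends with the same redirect to ../index.php;
	// only a successful credential match stores the user in the session first.
	//
	// NOTE(review): $_REQUEST also accepts these fields from the query string and
	// from cookies. If the login form submits with POST, read $_POST instead so
	// credentials stay out of URLs and access logs.
	// Both fields must be present and must be plain strings (a "txtUID[]=" style
	// parameter arrives as an array and must not reach the query).
	$us = (isset($_REQUEST["txtUID"]) && is_string($_REQUEST["txtUID"])) ? $_REQUEST["txtUID"] : null;
	$ps = (isset($_REQUEST["txtPWD"]) && is_string($_REQUEST["txtPWD"])) ? $_REQUEST["txtPWD"] : null;

	// Stopgap against SQL injection: the statement below is built by string
	// concatenation, so a value containing a single quote or a backslash is
	// refused before it can end or escape the quoted literal.
	// NOTE(review): the proper fix is a parameterized query. DataProvider is not
	// visible from this file, so it is not known whether it offers one; add it
	// there and drop this character check.
	$embeddable = $us !== null && $ps !== null
		&& strpbrk($us, "'\\") === false
		&& strpbrk($ps, "'\\") === false;

	$row = null;
	if ($embeddable)
	{
		include("../lib/DataProvider.php");
		// NOTE(review): the submitted password is matched against MATKHAU as-is,
		// so the column presumably holds unhashed passwords - confirm, then store
		// password_hash() output and check it with password_verify().
		// BIXOA=0 presumably excludes deleted accounts - confirm against the schema.
		$query = "SELECT * FROM nguoidung nd, loainguoidung lnd WHERE nd.MALND=lnd.MALND and nd.TENDANGNHAP = '".$us."' AND nd.MATKHAU = '".$ps."' and nd.BIXOA=0";
		$result = DataProvider::ExecuteQuery($query);
		// A failed query yields no result to fetch from; treat it as "no match".
		$row = $result ? mysql_fetch_array($result) : null;
	}

	if ($row)
	{
		// Issue a fresh session id on login so an id that was known before
		// authentication cannot be reused afterwards (session fixation).
		session_regenerate_id(true);

		$user = new User;
		$user->setMaND($row["MAND"]);
		$user->setTenDangNhap($row["TENDANGNHAP"]);
		$user->setMaLND($row["MALND"]);
		$user->setEmail($row["EMAIL"]);
		$user->setRole($row["ROLE"]);
		$user->setBiXoa($row["BIXOA"]);
		// Stored serialized, as before; readers of $_SESSION['user'] are expected
		// to unserialize() it with the User class loaded.
		$_SESSION['user'] = serialize($user);
	}

	// Success, failed match and missing fields all land on the index page.
	changeURL("../index.php");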
	
	
?>